Technical Field
The present disclosure relates generally to secure vehicle communication, more particularly, to a method, an apparatus and a system for dynamically controlling secure vehicle communication based on ignition.
Discussion of the Related Art
Recently developed vehicles have various electronic control devices for enhancing driver convenience and safety. An in-vehicle communication network is typically used for communication among the electronic control devices. As the number of electronic control devices in a vehicle has gradually increased, and as linkage to various external devices has similarly increased, vehicle security has become a significant issue.
In this regard, an authentication procedure for an external diagnostic device is required to diagnose a vehicle controller and update data in the vehicle controller. In the authentication procedure between the vehicle controller and the external diagnostic device, when the vehicle controller transmits a seed value to the external diagnostic device in response to a request for authentication of the external diagnostic device, the external diagnostic device generates a key value using the received seed value. In this instance, the generated key value is transmitted to the vehicle controller, and the vehicle controller permits access by the external diagnostic device based on whether the key value received from the external diagnostic device is identical to a key value generated therein according to a predefined algorithm.
In most recently developed vehicles, a restrictive security function is provided only for input/output of a diagnostic signal through an on-board diagnostics (OBD) port. Representative examples of communication security schemes recently applied to vehicles include a diagnosis access authentication technology using the OBD port and a secure flash technology including an authentication mechanism and an encryption mechanism for protecting a programming process from unauthorized access and wiretapping.
However, when another communication port in the vehicle (e.g., a controller area network (CAN) communication port), other than the OBD port, or a communication line is accessed by a hacker, communication data in the vehicle may be wiretapped through the communication port. Communication hacking techniques, such as these, between vehicle controllers is a threat to vehicle security, particularly when various Internet protocol (IP) technologies are applied to the vehicle. Therefore, counteractive measures should be established.
Representative examples of symmetric cryptographic techniques which is currently used include the data encryption standard (DES), the advanced encryption standard (AES), symmetric block cipher, etc. Representative examples of asymmetric cryptographic techniques include Rivest-Shamir-Adleman (RSA), elliptic curve cryptography (ECC), etc. In general, the symmetric cryptographic technique is advantageous over the asymmetric cryptographic technique because an operation speed is higher. Thus, the symmetric cryptographic technique has been used for communication between controllers in most recently developed vehicles.